Comments (4)
I think your problem is effectively the same as in this issue:
#137 (comment)
As explained there, once the user is found and the password is validated, the link to the legacy system is severed. Afterwards, Keycloak will not call the legacy system for that user anymore.
What you need could possibly be achieved by not severing the link at that point. However, to quote my own comment:
You'd have to figure out at what other point you want to sever the link, though (I assume you want to turn off your old auth system eventually), and keep in mind that AFAIK this will make it so that the password will NOT be checked on Keycloak's side (so changing the password in Keycloak won't work until you sever the link).
from keycloak-user-migration.
Thanks @daniel-frak , that totally makes sense, thanks for the explanation. I tried searching the issues, but didn't find that one. Maybe we should add this to the README, so that people know what to expect and save you from answering the same question again?
from keycloak-user-migration.
That sounds like a great idea!
Do you want to make a PR for the README update?
from keycloak-user-migration.
I've updated the docs to clarify the consequences of the link being severed.
Let me know if there's anything else you were thinking about adding there.
from keycloak-user-migration.
Related Issues (20)
- Legacy role conversation fields becomes empty after save HOT 1
- Cannot reach api via http in kubernetes HOT 1
- Compatible with Keycloak 22 (JAX-RS)? HOT 10
- Not able to recreate migrated users HOT 1
- Swagger is not working HOT 1
- Rest Client URI is not invoked. Nothing is logs related to this plugin HOT 6
- Federation Cache Expiration Issues and Docs Clarification HOT 4
- Username with uppercase letters causing errors HOT 8
- Support fort 23.X HOT 3
- Mobile Number support? HOT 2
- Docker is required?? HOT 1
- migration via rest doesnt show up in user federation HOT 2
- rest api doesnt import wp users HOT 1
- [BUG] Resetting password randomly locks user out of Keycloak, returning 403 for "GET /admin/serverinfo" request HOT 1
- No defense against brute force attacks [enhancement idea] HOT 3
- Bypassing password complexity requirements on import HOT 1
- End-to-end tests are broken
- Half migrated users can not be deleted in Keycloak HOT 1
- FR: Credentials import
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from keycloak-user-migration.